In their battle against quickly spreading flames, fire-fighters regularly erect firewalls, barriers used to prevent the fire from dispersing. Desktop firewalls (DTFW) are barriers that protect computers from the dangers of the internet and networks. For those who think having an anti-virus program on their computer is enough, think again. Having a DTFW is a necessary defense against the threats your anti-virus will miss, like zero day attacks. Zero day attacks are computer threats that take advantage of holes in a computer application or operating system before the hole has been discovered or fixed by the software developer. Zero days are very dangerous because they are missed by your antivirus or antispyware. Without a firewall, your applications and files are at risk from attack.

A firewall is an information technology security device that decides whether to permit or deny data connections based on the organization’s security policy. It filters network traffic and determines if it should be sent to its destination or not. How does it determine what to let in/out and what to stop? Usually, you or your firewall administrator can define the rules the firewall works by based on your system and network. Attributes used to filter traffic include:

• IP address of the source
• Source port
• IP address of the destination
• Destination port
• Destination service (such as WWW or FTP)
• Protocols
• TTL (time-to-live) values
• The source’s domain name
• Other features

DWFW control the network traffic on your computer by sometimes prompting you when a connection is attempted, asking for your permission before opening an application, then adapting your security policy accordingly. Other times it will terminate or block a connection if it suspects there is an intrusion or threat to the computer. It works to prevent unauthorized users from accessing your PC, both from the internet and from your local network, say in your office at work. It also protects against some viruses and dangerous applications and will prevent your confidential information from being sent without your permission. Finally, they block those annoying popups and ads from appearing on your screen.

As with most security options available, a firewall can be enforced on its own for individual use, or it can be centrally managed from a single console for midsize to larger businesses. In the latter case, the administrator can set policies for the DTFW and send out regular updates and changes for the software. With centralized management, businesses can save valuable time and money.